Change the Postgres Database Passwords on Monitor and Accelerator (Admin Only)

The VOV Postgres database uses three roles (user accounts) in normal operation:

The passwords for these roles are saved in properties on object 1 in the vovserver.  These are first established as random 16-character strings when the database is first initialized.

This article describes how to change the database passwords when the database is operating normally.

There are times when the database password is not properly saved on one of the three database roles. When this happens, Monitor (LM) and Accelerator (NC) cannot connect to the database. A separate article explains how to change the password so that NC and LM can connect to the database again if this is your situation.

To make changes to the postgres password, perform the following steps:

1. The database, by default, contains three  main roles, each with their own, preset password.
To find these roles and passwords, run the following commands:

+ get a shell as the project owner on the vovserver host
% source /path/to/rtda/installation/common/etc/ (or vovrc.csh depending on shell)
% vovproject enable <project_name>
% vovprop show 1 | grep SQL_PW

The output should look similar to this:

SQL_PW_rtdausr = '31UK,CAvlgaXPYXH'
SQL_PW_rtdamgr = 'k,.x5739Q4k<f,nC'
SQL_PW_rtdasu = ‘yZXQ4f5Fltq587gg

If no values are shown above, STOP.   Refer to the article "Setting VOV Postgres Database Passwords in Single-user Mode.

2. Before changing anything, you’ll want to save the existing passwords by saving the current values to a file.  We will save it in the 'db' config directory (note back-ticks):

% cd `vovserverdir -p db`
% vovprop list 1 | grep SQL_PW > dbpasswd_save.txt

For Windows customers, use the following commands:

% path/to/installation/win64/bat/vovinit.bat
% vovproject enable your-project
% vovprop show 1 | find "SQL_PW" > dbpasswd_save.txt

Note: From this point forward, all commands in this instruction set, assume that the shell is already running from the previous commands.

3. Verify that the database is running

% vovdb_util showcfg

4. Change the password for the database roles with the following commands.  Note that role rtdasu is used to change passwords for all three roles.

% vovsql_query -x -dbuser rtdasu -dbpassword <rtdasu-passwd> 'ALTER user rtdausr WITH password new-rtdamusr-passwd'

% vovsql_query -x -dbuser rtdasu -dbpassword <rtdasu-passwd> 'ALTER user rtdamgr WITH password new-rtdamgr-passwd'

% vovsql_query -x -dbuser rtdasu -dbpassword <rtdasu-passwd> 'ALTER user rtdasu WITH password new-rtdasu-passwd'

4. After the DB passwords have been updated, turn off the database with the following command.  We do this to verify that it can be started again successfully.

% vovdb_util stopdb

Now we will update the database password properties to match the new DB passwords.

5.  For the three roles, set the property by running the following command, with same values as used above, e.g.:

% vovprop set -text 1 “SQL_PW_rtdamgr” '&NeWpAsSwOrD!&'

6. Confirm this by running the vovprop list command.

% vovprop list 1 | grep SQL_PW

The output should now look like this:

SQL_PW_rtdamgr = '&NeWpAsSwOrD!&'

7. Re-start the database with the following command.  Check the output carefully for errors and save the startup output if there are any

% vovdb_util startdb -v

8. Confirm that the database has been started by logging into the browser and going to http://HOST:PORT/admin.

9. If all looks well, you're done.